package org.apache.tapestry5.csrfprotection.victimapp.pages;


import org.apache.tapestry5.annotations.InjectPage;
import org.apache.tapestry5.annotations.Log;
import org.apache.tapestry5.annotations.Property;
import org.apache.tapestry5.annotations.SessionState;
import org.apache.tapestry5.csrfprotection.NotCsrfProtected;

import util.AuthenticationState;
import util.User;

/**
 * Start page of application victimapp.
 */

@NotCsrfProtected
public class Index 
{
	@SessionState
	@Property
	private AuthenticationState auth;
	
	@Property
	private String username = "TestUser";
	
	@InjectPage
	private Status status;
	 
	@SessionState(create=true)
	private User user;
	    	
	@Log
	Object onSuccess(){
		auth.setLoggedIn(true);
		auth.setUserName(username);
		user.setAge(26);
		user.setFirstName("John");
		user.setLastName("Doe");
		user.setId(123);
		return status;
	}
}
